RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server [v26]
Bradford Wetmore
wetmore at openjdk.org
Mon Nov 4 18:35:38 UTC 2024
On Mon, 4 Nov 2024 17:32:46 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> test/jdk/sun/security/ssl/SSLCipher/SSLSocketNoServerHelloClientShutdown.java line 52:
>>
>>> 50:
>>> 51: /**
>>> 52: * To reproduce @bug 8331682 (client sends an unencrypted TLS alert during
>>
>> We used to have a SSLSocketSSLEngineTemplate.java which did exactly this (Socket on client/Engine on Server by default, but could be switched IIRC), I wonder what happened to it.
>
> It was removed as part of this work:
> https://bugs.openjdk.org/browse/JDK-8284047
Interesting. That's too bad.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1828202649
More information about the security-dev
mailing list